How to receive e-mail alerts from internal devices
-
@tim_g said in How to receive e-mail alerts from internal devices:
I'm doing the same thing (also on a .local) using an O365 relay server. It's a Windows Server set up to be an SMTP relay for O365.
If you fire an email to it, it'll relay it to O365, and send as whatever "from address" you use, so long as the SMTP Relay account is able to send on behalf of that email.
What I do, is set up an O365 security group for each email I want to send as.
Example:
- Set up a security group in O365 and set the email to [email protected]
- Give the "smtp relay" account permission to send as/send on behalf on the above.
- Use that email as the "from address", and point your server to the SMTP relay server.
I haven't done it on Linux, so I'm completely unfamiliar with that, but I can walk you through setting it up on a Windows Server using the built-in components (it uses IIS), if you go the Windows Server route.
@Tim_G Looks like a good opportunity for a write-up/guide :winking_face: I'd like to do this Linux first but if all else fails, I will revert to this. Would be nice to have a write-up to fall back on and for others who come looking. I'd love to know how to do it both ways for future use case.
-
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/ -
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
-
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/For Postfix to enable TLS, all you need to add to the main config file is this line:
smtp_tls_security_level = may
Email headers confirm that emails are encrypted. I've checked on Gmail as well as my Office 365 email.
-
@nashbrydges said in How to receive e-mail alerts from internal devices:
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/For Postfix to enable TLS, all you need to add to the main config file is this line:
smtp_tls_security_level = may
Email headers confirm that emails are encrypted. I've checked on Gmail as well as my Office 365 email.
That's good know.
-
@black3dynamite Here is what it looks like at the Gmail end (personal details obfuscated).
-
@black3dynamite said in How to receive e-mail alerts from internal devices:
In the
/etc/postfix/main.cf
file, the following would need to be changed:
inet_interfaces needs to be changed fromlocalhost
toall
mynetworks should include the networks or hosts that will be accessing your postfix server.Made these changes along with ensuring that SMTP ports were open and I am now receiving email from the UPS device via Postfix.
Settings on UPS:
From: [email protected]
SMTP Server: Postfix server IP Address (192.168.1.x)
Port: 25
No authenticationIf this works on the rest of my devices, then I believe we'll be in business and I won't have to involve Office365 at all.
-
@nashbrydges said in How to receive e-mail alerts from internal devices:
@tim_g said in How to receive e-mail alerts from internal devices:
I'm doing the same thing (also on a .local) using an O365 relay server. It's a Windows Server set up to be an SMTP relay for O365.
If you fire an email to it, it'll relay it to O365, and send as whatever "from address" you use, so long as the SMTP Relay account is able to send on behalf of that email.
What I do, is set up an O365 security group for each email I want to send as.
Example:
- Set up a security group in O365 and set the email to [email protected]
- Give the "smtp relay" account permission to send as/send on behalf on the above.
- Use that email as the "from address", and poing yoru server to the SMTP relay server.
I haven't done it on Linux, so I'm completely unfamiliar with that, but I can walk you through setting it up on a Windows Server using the built-in components (it uses IIS), if you go the Windows Server route.
That works for those devices that can self-authenticate via an actual account on Office 365. That works for my Sophos XG UTM for example but not for the majority of Linux servers I'm running.
No authentication is needed, that's what the SMTP server is for. For internal devices, so long as they all an SMTP server and port, optionally a from address... that's all that is needed. The SMTP server (O365 Relay) takes care of the auth.
-
@zachary715 said in How to receive e-mail alerts from internal devices:
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
You don't need a relay if whatever is sending alerts/emails does full authentication by itself. The problem is that many things do not, and many do not even do authentication at all and just have a spot for server and port only.
-
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
Not last time I checked. I do it because i like encryption, but it is not required.
-
@zachary715 said in How to receive e-mail alerts from internal devices:
Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
How is the email "internal"? Do you have a local email server hosting email?
I do not think you even understand what you are asking here. -
@zachary715 said in How to receive e-mail alerts from internal devices:
- We currently are Office365 users.
You have no internal email. period.
-
-
Setting up a Postfix relay. I need to rewrite this as I took the blog down.
Note: this works for O365 also if you setup your public IP as a connectoer in Office 365.
-
@jaredbusch said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
How is the email "internal"? Do you have a local email server hosting email?
I do not think you even understand what you are asking here.Yeah good point. It has to go external since I'm using Office 365. My point though was simply do I need to relay to Office 365 to get what I need, or is a simple postfix server sufficient? I have my first device setup and working fine the way I intended. Not sure if other devices will cooperate as easy or not.
Is there a security or other reason to not set it up this way? Are there any benefits to running the relay through Office 365? All questions I have to better wrap my head around this.
-
@jaredbusch said in How to receive e-mail alerts from internal devices:
Setting up a Postfix relay. I need to rewrite this as I took the blog down.
Note: this works for O365 also if you setup your public IP as a connectoer in Office 365.
Yeah I actually saw that thread but as you stated, the blog was down so I just started a new thread to discuss it. I wanted to know more than "How to setup with Office365" though to understand why that was needed at all. Obviously will be very helpful though if I get to needing it so thanks for sharing.
-
@zachary715 said in How to receive e-mail alerts from internal devices:
@jaredbusch said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
How is the email "internal"? Do you have a local email server hosting email?
I do not think you even understand what you are asking here.Yeah good point. It has to go external since I'm using Office 365. My point though was simply do I need to relay to Office 365 to get what I need, or is a simple postfix server sufficient?
You have to SEND to O365 always. You have no local mail server to send to. It is not necessarily a "relay". It can just send to anyone, your own MX included.
-
@jaredbusch said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
@jaredbusch said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
How is the email "internal"? Do you have a local email server hosting email?
I do not think you even understand what you are asking here.Yeah good point. It has to go external since I'm using Office 365. My point though was simply do I need to relay to Office 365 to get what I need, or is a simple postfix server sufficient?
You have to SEND to O365 always. You have no local mail server to send to. It is not necessarily a "relay". It can just send to anyone, your own MX included.
I understand what you're saying. Step Q of your guide is what I've skipped thus far and I'm trying to determine if/when it's needed. I haven't connected this postfix server to any SMTP connectors with Office365. As far as Office 365 is concerned, this postfix server doesn't exist and isn't interacting, other than when it sends email to one of its recipients.
In what scenario would I need/want to connect the postfix server to an SMTP connector with Office 365? What functionality, security, or otherwise do I gain?
-
@tim_g said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
You don't need a relay if whatever is sending alerts/emails does full authentication by itself. The problem is that many things do not, and many do not even do authentication at all and just have a spot for server and port only.
Ahh so I skipped over this. The device I'm sending from now doesn't require authentication, although it is available. I have skipped it. Should I desire authentication for security reasons? Are there other devices I'll likely run into which will require authentication, therefore requiring me to connect to Office365?
-
@zachary715 said in How to receive e-mail alerts from internal devices:
@tim_g said in How to receive e-mail alerts from internal devices:
@zachary715 said in How to receive e-mail alerts from internal devices:
@black3dynamite said in How to receive e-mail alerts from internal devices:
To have postfix relay to Office 365, you would need to setup postfix to use TLS.
If you are using Fedora make sure you have these packages installed:
sudo dnf -y install postfix cyrus-sasl cyrus-sasl-plain mailx
Installing
cyrus-sasl
andcyrus-sasl-plain
is needed if you want to configure postfix to use TLS.Start at the section where it talks about configuring postfix to use TLS.
https://gordan.jandreoski.me/how-to-configure-postfix-relay-to-office365-on-ubuntu-14-04/Well this is part of my initial question is DO I NEED IT TO RELAY TO OFFICE365 AT ALL if it'll all be internal devices? You could make the argument I guess that eventually there may be an external device I wanted to use this for so set it up this way, but this is what I'm trying to uncover. Complete noob here.
You don't need a relay if whatever is sending alerts/emails does full authentication by itself. The problem is that many things do not, and many do not even do authentication at all and just have a spot for server and port only.
Ahh so I skipped over this. The device I'm sending from now doesn't require authentication, although it is available. I have skipped it. Should I desire authentication for security reasons? Are there other devices I'll likely run into which will require authentication, therefore requiring me to connect to Office365?
Well you can send an email to whoever you want without authentication.
The issue is "sending as".
For example, you cannot send an email to someone using my O365 email address (spoofing) because most mail services check for that. Also, in order to send as a legit O365 email address, you would of course need to authenticate through O365. (smtp authentication)
That's why you can send an email to yourself from "[email protected]"..., but you can't send it legitimately as an O365 email.
It really depends on your email settings. Microsoft or Google may not accept an email like that unless you allow that sender first.
I use an O365 relay because we have a lot of notifications that go out from different softwares and systems that need to use legitimate emails to send as, and to be received by a lot of different people over different email services. So everything needs to be officially sent via O365.